Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5089.roa
File: AS5089.roa (raw, json)
Hash identifier: T/nap00U6kALt5b7WiBsM9Ntqav1QS4kDR/sg+t51qs=
Subject key identifier: B4:B2:F7:42:DF:36:A2:4A:9F:5B:B8:45:0A:9D:7E:42:E8:EE:E5:22
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2E2736FAA8F4FB686C33E222E720C2791E93B443
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5089.roa
Signing time: Fri 08 May 2026 00:07:31 +0000
ROA not before: Fri 08 May 2026 00:02:31 +0000
ROA not after: Fri 07 May 2027 00:07:31 +0000
asID: 5089
IP address blocks: 82.21.66.0/24 maxlen: 24
82.21.76.0/24 maxlen: 24
82.21.127.0/24 maxlen: 24
82.21.136.0/24 maxlen: 24
82.23.149.0/24 maxlen: 24
82.23.150.0/24 maxlen: 24
82.25.132.0/24 maxlen: 24
82.26.0.0/18 maxlen: 24
82.26.84.0/24 maxlen: 24
82.26.112.0/24 maxlen: 24
82.26.119.0/24 maxlen: 24
82.27.110.0/24 maxlen: 24
82.41.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:27:36:fa:a8:f4:fb:68:6c:33:e2:22:e7:20:c2:79:1e:93:b4:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 8 00:02:31 2026 GMT
Not After : May 7 00:07:31 2027 GMT
Subject: CN=B4B2F742DF36A24A9F5BB8450A9D7E42E8EEE522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:70:38:ba:e6:0a:4d:10:54:b5:6e:51:ff:27:
50:27:e9:e0:d3:8c:1b:51:aa:ac:16:31:2d:5f:61:
ce:18:47:e0:aa:cd:c9:f3:88:7f:f7:23:2c:2c:6b:
da:8f:97:1c:96:be:e1:27:58:ef:9e:c9:f0:35:b4:
45:38:1d:be:e2:aa:25:f2:cc:ec:c3:43:a6:f4:38:
fc:dd:12:dd:42:47:59:fe:d7:7f:7c:b1:a0:89:ca:
31:e2:da:0b:9b:fb:11:5a:ad:7e:89:43:cb:f3:89:
a5:c0:77:09:33:1a:23:b2:3b:4b:ad:56:9d:9e:ad:
80:a7:bc:69:93:1f:6d:f5:1c:42:68:7f:4e:f4:22:
78:48:a7:81:c7:a1:c5:02:d8:84:78:ae:fe:2d:f6:
66:89:f5:67:9d:a6:bf:62:4c:65:bd:e2:ec:0e:db:
cd:c9:c4:4c:c1:dd:26:38:ec:39:f3:b5:fe:e5:bc:
73:ed:88:2d:49:4c:8a:69:a1:1d:da:69:42:15:6a:
a7:14:b1:fd:5b:53:c6:3c:e0:82:f4:88:08:08:79:
a5:98:52:a8:6e:7c:dd:8a:67:c5:36:30:13:52:67:
c5:b9:39:af:41:09:06:ff:e7:d9:cb:ed:ee:6a:39:
fe:6a:a1:93:5d:69:69:95:b1:8c:b0:5e:69:1c:4d:
f4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B2:F7:42:DF:36:A2:4A:9F:5B:B8:45:0A:9D:7E:42:E8:EE:E5:22
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS5089.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.66.0/24
82.21.76.0/24
82.21.127.0/24
82.21.136.0/24
82.23.149.0-82.23.150.255
82.25.132.0/24
82.26.0.0/18
82.26.84.0/24
82.26.112.0/24
82.26.119.0/24
82.27.110.0/24
82.41.210.0/24
Signature Algorithm: sha256WithRSAEncryption
51:8b:c7:03:9b:fd:82:ba:65:ed:71:6f:56:96:23:27:3a:d0:
ef:9a:e4:3e:54:df:47:8f:68:93:61:10:18:03:28:32:bb:3e:
21:b0:7e:ae:c7:67:5b:ff:fb:2d:15:c5:d6:06:50:9b:6c:25:
e0:4a:68:cb:62:6a:17:fc:3f:cd:be:18:19:45:74:97:24:43:
ee:81:88:5a:b2:20:57:8b:be:04:26:03:b0:06:b8:ea:a3:7f:
76:c7:3f:1d:ec:8f:bf:dc:c8:0a:bd:c2:6c:61:09:38:3d:af:
1c:ce:89:c1:7d:c1:33:5e:48:d5:93:ba:87:4c:61:19:f3:db:
bd:70:c3:19:b8:db:ca:16:9e:e1:9e:dc:33:e8:17:24:96:8c:
80:6f:15:25:33:6f:3f:38:f9:b8:c9:d4:70:83:3d:28:d8:65:
54:da:41:b2:1c:f3:67:2a:ee:89:3b:a5:fa:8e:4a:e6:62:f0:
0e:ed:fb:06:db:90:6f:a0:ba:bd:b9:c8:3b:63:34:ff:2b:c9:
9e:89:31:50:0b:eb:61:64:1e:fe:72:df:a4:67:39:f5:55:f4:
06:24:2a:24:0e:1a:d1:bd:af:c7:51:69:c1:58:42:a0:3f:9f:
2c:4c:70:92:b9:c8:c2:c6:d9:6a:44:21:4f:97:de:f2:7e:ca:
30:0a:92:d8
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIULic2+qj0+2hsM+Ii5yDCeR6TtEMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MDgwMDAyMzFaFw0yNzA1MDcwMDA3MzFaMDMxMTAvBgNV
BAMTKEI0QjJGNzQyREYzNkEyNEE5RjVCQjg0NTBBOUQ3RTQyRThFRUU1MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCucDi65gpNEFS1blH/J1An6eDT
jBtRqqwWMS1fYc4YR+CqzcnziH/3Iywsa9qPlxyWvuEnWO+eyfA1tEU4Hb7iqiXy
zOzDQ6b0OPzdEt1CR1n+1398saCJyjHi2gub+xFarX6JQ8vziaXAdwkzGiOyO0ut
Vp2erYCnvGmTH231HEJof070InhIp4HHocUC2IR4rv4t9maJ9Wedpr9iTGW94uwO
283JxEzB3SY47Dnztf7lvHPtiC1JTIppoR3aaUIVaqcUsf1bU8Y84IL0iAgIeaWY
UqhufN2KZ8U2MBNSZ8W5Oa9BCQb/59nL7e5qOf5qoZNdaWmVsYywXmkcTfT1AgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQUtLL3Qt82okqfW7hFCp1+Quju5SIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTA4OS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBpBggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEAFIVQgME
AFIVTAMEAFIVfwMEAFIViDAMAwQAUheVAwQAUheWAwQAUhmEAwQGUhoAAwQAUhpU
AwQAUhpwAwQAUhp3AwQAUhtuAwQAUinSMA0GCSqGSIb3DQEBCwUAA4IBAQBRi8cD
m/2CumXtcW9WliMnOtDvmuQ+VN9Hj2iTYRAYAygyuz4hsH6ux2db//stFcXWBlCb
bCXgSmjLYmoX/D/NvhgZRXSXJEPugYhasiBXi74EJgOwBrjqo392xz8d7I+/3MgK
vcJsYQk4Pa8czonBfcEzXkjVk7qHTGEZ89u9cMMZuNvKFp7hntwz6BckloyAbxUl
M28/OPm4ydRwgz0o2GVU2kGyHPNnKu6JO6X6jkrmYvAO7fsG25BvoLq9ucg7YzT/
K8meiTFQC+thZB7+ct+kZzn1VfQGJCokDhrRva/HUWnBWEKgP58sTHCSucjCxtlq
RCFPl97yfsowCpLY
-----END CERTIFICATE-----
Generated at Tue May 12 21:49:46 2026 by rpki-client